On 26 September 2024, the Department of National Defence and Canadian Armed Forces (CAF) officially created the CAF Cyber Command (CYBERCOM). For many Canadians, this was the first time learning that its military was engaged in defensive and offensive operations in cyberspace. However, while CAFCYBERCOM is a significant achievement and milestone, this is only one milestone in the approximately 25-year history of the CAF’s cyber capabilities.

Despite nearly thirty years of experience, no effort has been made to catalogue the development of the CAF’s ability to operate in cyberspace. Recently, I presented an overview of how the CAF went from an initial cybersecurity incident response team to CAFCYBERCOM at the Canadian Intelligence History at a Crossroads. I began my research for this project thinking it would be pretty straightforward because of my experience and research into CAF cyber. However, this turned into finding old CAF formation Christmas newsletters from the 2000s simply to confirm some basic information about the specific year certain CAF organizations were created.

This is a great disservice to Canadians and harms government transparency by reducing the means for Canadians to understand what its government has done and is doing with the military. In addition, this is disrespectful to those who have served and continue to serve in the CAF’s Cyber Forces and their contributions to Canada's defence.

In light of this and the positive response to my initial work cataloguing this history, I am launching the CAF Cyber History Project. In this long-term project, I will compile as much unclassified public information as possible through open-source intelligence to chronicle how the CAF developed its cyber capabilities from 1999 to the creation of CYBERCOM in 2024 and beyond.

What will be the content of this project?

Several projects that relate to this project are already in development, some more recent and some more long-term content. Some of these projects include:

• Ongoing presentation series

  • I will be taking my presentation from the Canadian Intelligence History conference, “Following the Digital Snail’s Trail: The Short History of CAF Cyber Operations,” and presenting it on an ongoing basis, updating it as more information comes to light.
    

  • The first of these presentations will be at BSides Ottawa, which takes place November 21 to 22. This new talk will be approximately double the length of the original presentation. Due to the additional time, I will provide a lot more information where I previously was unable to, and I will also go into detail about CAFCYBERCOM and what we currently know about this new organization.

    

• Papers & Articles

  • Two articles are currently being written that use information from the CAF Cyber History Project.

    • The first article will be the written version of my presentation at the Canadian Intelligence History at a Crossroads conference.

      • Following this article, a longer, more detailed paper will also be written, which will likely be published in a Canadian academic journal.

    • The second article, which will be released with the Canadian Global Affairs Institute, focuses more on the contemporary issues of CAF cyber operations and CAFCYBERCOM.
      

• A timeline will be created to list all the significant developments in the CAF’s cyber capabilities and institutions. This timeline will be based on open-source intelligence and documents obtained through the access-to-information process, with links to all sources.

If you are interested in contributing to this project and helping to preserve the history of the CAF’s cyber forces, email cyberincontext@gmail.com.